This connector for Bamboo performs continuous vulnerability detection for container images built in DevOps environment
Qualys as a Task
Use the Qualys connector as a task in your bamboo project. In the Tasks tab, click Add Task, and simply search for “Qualys” to get the 'Scan container images with Qualys CS' task. Click on it to add it as a task.
Configure the Qualys connector. You can either provide a global configuration or a local configuration. Global configuration can be set once and used for multiple projects.
When the build task runs, it polls in the vulnerability data for configured container image/s from Qualys platform and renders nice visual reports of the vulnerabilities and statistics.
Qualys Container Security provides discovery, tracking, and continuous protection for container environments. This addresses vulnerability management for images and containers in their DevOps pipeline and deployments across cloud and on-premise environments. Atlassian Bamboo users can integrate with Qualys Container Security to get the vulnerability analysis of images in the build environment. You need to buy Qualys subscription in order to deploy and use the plugin. Install the Container Sensor on the Build host (nodes) where the images are being created. The sensor performs a vulnerability analysis of the images configured in connector. The Bamboo connector provides detail list of the vulnerabilities and its details directly within the connector. You can optionally access your Qualys subscription to view the full report. For more details, please refer Qualys Container Scanning Connector for Bamboo User Guide.
Privacy and security